How to Solve elasticsearch-7.15.1 operation errors

Error 1:

WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.elasticsearch.bootstrap.Elasticsearch (file:/root/tools/elasticsearch-7.15.1/lib/elasticsearch-7.15.1.jar)
WARNING: Please consider reporting this to the maintainers of org.elasticsearch.bootstrap.Elasticsearch
WARNING: System::setSecurityManager will be removed in a future release
[2021-10-27T10:39:13,960][ERROR][o.e.b.ElasticsearchUncaughtExceptionHandler] [elk-node01] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.RuntimeException: can not run elasticsearch as root
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:171) ~[elasticsearch-7.15.1.jar:7.15.1]
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:158) ~[elasticsearch-7.15.1.jar:7.15.1]
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:75) ~[elasticsearch-7.15.1.jar:7.15.1]
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:114) ~[elasticsearch-cli-7.15.1.jar:7.15.1]
at org.elasticsearch.cli.Command.main(Command.java:79) ~[elasticsearch-cli-7.15.1.jar:7.15.1]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:123) ~[elasticsearch-7.15.1.jar:7.15.1]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:81) ~[elasticsearch-7.15.1.jar:7.15.1]
Caused by: java.lang.RuntimeException: can not run elasticsearch as root
at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:103) ~[elasticsearch-7.15.1.jar:7.15.1]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:170) ~[elasticsearch-7.15.1.jar:7.15.1]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:399) ~[elasticsearch-7.15.1.jar:7.15.1]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:167) ~[elasticsearch-7.15.1.jar:7.15.1]
... 6 more
uncaught exception in thread [main]
java.lang.RuntimeException: can not run elasticsearch as root
at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:103)
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:170)
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:399)
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:167)
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:158)
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:75)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:114)
at org.elasticsearch.cli.Command.main(Command.java:79)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:123)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:81)
For complete error details, refer to the log at /data/elk_data/logs/my-elk-cluster.log

Solution: elastic refuses to run with the root user, you need to create a separate user and group for elastic.
————————————————————————————————————————
[root@elk-node01 ~]# groupadd elastic
[root@elk-node01 ~]# useradd -d /data -g elastic elastic

 

Error 2:

ERROR: [2] bootstrap checks failed. You must address the points described in the following [2] lines before starting Elasticsearch.
bootstrap check failure [1] of [2]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]
bootstrap check failure [2] of [2]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
ERROR: Elasticsearch did not exit normally - check the logs at /data/es_data/logs/my-elk-cluster.log
[2021-10-27T10:46:55,882][INFO ][o.e.n.Node               ] [elk-node01] stopping ...
[2021-10-27T10:46:55,898][INFO ][o.e.n.Node               ] [elk-node01] stopped
[2021-10-27T10:46:55,898][INFO ][o.e.n.Node               ] [elk-node01] closing ...
[2021-10-27T10:46:55,915][INFO ][o.e.n.Node               ] [elk-node01] closed

Solution: Modify the system kernel parameters and configure them as required.
———————————————————————————————————————————- ——-
vi /etc/security/limits.conf, add the following four lines before # End of file
* soft nofile 65535
* hard nofile 131072
* soft nproc 65535
* hard nproc 65535
vi /etc/sysctl.conf, add the following line at the end of the document
vm.max_map_count=262145
Execute sysctl -p
Note: Use ulimit -n to check the number of file handles setting, if it is still 1024, then you need to restart the VM.

Read More: